Re: [liberationtech] Encipher.it

Tue, 18 Jun 2013 13:07:07 -0700 

It's not safe.

This is their bookmarklet:
(function(){document.body.appendChild(document.createElement('script')).src='
https://encipher.it/javascripts/inject.js';})();

That loads a JavaScript file from the encipher.it site, which can be
changed at any time and compromise your messages without your knowledge.

The actual call to encrypt data is here:
https://encipher.it/javascripts/encipher.js :
"""
hmac = hex_hmac_sha1(key, _this.text);
hmac += hmac.slice(0, 24);
cipher = hmac + salt + Aes.Ctr.encrypt(_this.text, key, 256);
"""

They're MACing the key for some reason, then using unauthenticated CTR mode
without an HMAC. So this is completely vulnerable to someone modifying the
ciphertext.

That CTR mode is implemented by this:
https://encipher.it/javascripts/AES.js. That's
using the time of day as a nonce combined with a weak JS Math.random().
That's vulnerable to some attacks as well.

Generally, I'd assume that a random crypto project you run across is
probably not safe.


On Tue, Jun 18, 2013 at 11:51 AM, Lorenzo Franceschi Bicchierai <
[email protected]> wrote:

> Have you guys seen this?
>
> https://encipher.it/
>
> I've searched through the archives but didn't see anything. I'm wondering
> how safe this is.
>
> It has received some small attention on the media before.
>
>
> http://www.pcworld.com/article/255938/encipher_it_encrypts_email_for_free.html
>
> Thoughts?
>
> --
> *Lorenzo Franceschi-Bicchierai
> *Mashable <http://www.mashable.com> Junior US & World Reporter
> [email protected] | [email protected]
> #: (+1) 917 257 1382
> Twitter: @lorenzoFB <http://www.twitter.com/lorenzoFB>
> Skype: lorenzofb8
> OTR: [email protected]
> www.lorenzofb.com
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at [email protected] or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at [email protected] or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Reply via email to